QID 216261
Date Published: 2021-05-26
QID 216261: VMware vCenter Server 6.5 Update 6.5 U3p Missing (VMSA-2021-0010)
VMware vCenter is the centralized management tool for the vSphere suite.
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server. (CVE-2021-21985)
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. (CVE-2021-21986)
Affected Versions:
VMware vCenter Server 6.5 prior to build 17994927
QID Detection Logic (Unauthenticated):
This QID checks for vulnerable versions of VMware vCenter Server by retrieving the build version from the web service present on the target.
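The unauthenticated check above amounts to reading the build number a vCenter reports and comparing it against the fixed build for its release line. The following is an added example, not Qualys's detection code: it parses the AboutInfo block that vCenter returns to an unauthenticated RetrieveServiceContent call on /sdk (the SOAP reply embedded below is a constructed sample) and classifies the 6.5 line against build 17994927 from this page; 6.7 and 7.0 are treated as out of scope for this QID.

```python
import xml.etree.ElementTree as ET

VIM_NS = "{urn:vim25}"
# Fixed build for the 6.5 line per VMSA-2021-0010 (the page's "prior to build 17994927").
FIXED_BUILD_6_5 = 17994927

# Constructed sample of the RetrieveServiceContent reply a vCenter returns on /sdk;
# only the AboutInfo fields the check uses are included.
SAMPLE_RESPONSE = """<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
 <soapenv:Body>
  <RetrieveServiceContentResponse xmlns="urn:vim25">
   <returnval>
    <about>
     <fullName>VMware vCenter Server 6.5.0 build-17994927</fullName>
     <version>6.5.0</version>
     <build>17994927</build>
     <apiType>VirtualCenter</apiType>
    </about>
   </returnval>
  </RetrieveServiceContentResponse>
 </soapenv:Body>
</soapenv:Envelope>"""


def parse_about(xml_text):
    """Extract (apiType, version, build) from a RetrieveServiceContent reply."""
    root = ET.fromstring(xml_text)
    about = root.find(f".//{VIM_NS}about")
    if about is None:
        raise ValueError("no AboutInfo in response")

    def text(tag):
        node = about.find(VIM_NS + tag)
        return node.text.strip() if node is not None and node.text else ""

    return text("apiType"), text("version"), text("build")


def assess_vmsa_2021_0010(xml_text):
    """Return 'vulnerable', 'fixed' or 'not_applicable' for the vCenter 6.5 line."""
    api_type, version, build = parse_about(xml_text)
    # ESXi hosts answer the same call with apiType HostAgent; they are not vCenter.
    if api_type != "VirtualCenter":
        return "not_applicable"
    # This QID covers only 6.5; other release lines have their own fixed builds.
    if not version.startswith("6.5."):
        return "not_applicable"
    if not build.isdigit():
        raise ValueError(f"unexpected build string: {build!r}")
    return "vulnerable" if int(build) < FIXED_BUILD_6_5 else "fixed"


if __name__ == "__main__":
    print(assess_vmsa_2021_0010(SAMPLE_RESPONSE))  # prints "fixed"
```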
QID Detection Logic (Auth):
This QID checks for a workaround in the Windows and Linux OS.
Note: We only support Linux authentication if the customer has a default bash shell assigned to the user.
Successful exploitation of these vulnerabilities allows remote code execution and lets an attacker perform actions permitted by the impacted plug-ins without authentication.
Refer to VMware advisory VMSA-2021-0010 for more information.
Workaround:
Affected plug-ins must be set to "incompatible." Disabling a plug-in from within the UI does not prevent exploitation. Please refer to KB article KB83829 for more information.
- VMSA-2021-0010 -
www.vmware.com/security/advisories/VMSA-2021-0010.html
CVEs related to QID 216261
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| VMSA-2021-0010 | VMware vCenter Server | | www.vmware.com/security/advisories/VMSA-2021-0010.html |